Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook

What did you do, reverse engineer it? Well, bonus points for you I guess.

To complete it you're just supposed to get to the congratulations message. It's just a simple challenge geared towards newer people who don't have their own testing environment set up. Basically it's just a simulation to introduce people to some tools, show them how they work and the attacks associated with them. You could say the challenge is a bit skiddyish because it relies on the use of tools, but I think most people have to start with tools to learn concepts before they can start writing their own tools/exploits.

0phidian wrote: What did you do, reverse engineer it? Well, bonus points for you I guess.

Quite right, and thank you.

0phidian wrote: To complete it you're just supposed to get to the congratulations message. It's just a simple challenge geared towards newer people who don't have their own testing environment set up. Basically it's just a simulation to introduce people to some tools, show them how they work and the attacks associated with them. You could say the challenge is a bit skiddyish because it relies on the use of tools, but I think most people have to start with tools to learn concepts before they can start writing their own tools/exploits.

I understand the reasoning and logic behind this challenge, however my post did have more than one intention (and none of them were to look like a tool). Primarily, I wanted to show you how easy it would be to reverse engineer this and cheat on it. I legitimately only had to load it in OllyDBG, look at the strings, and I found the password to the box. Granted, some strings are necessary to hard-code (commands, arguments, messages, etc.), but the password shouldn't be. Instead, some sort of algorithm (no matter how basic) should be implemented to randomly generate the password on each run. That way, although it would still be pretty simple to reverse engineer, it would deter most cheaters. Just some food for thought, really.

(If you're interested, the only other reason I did this was for funsies, as I haven't reversed anything in a while (there aren't that many Linux-native debugger options out there that allow you to write to an executable).)

Anyway, good challenge, keep them up, just try to make them harder for me to break next time.


centip3de wrote: I understand the reasoning and logic behind this challenge, however my post did have more than one intention (and none of them were to look like a tool). Primarily, I wanted to show you how easy it would be to reverse engineer this and cheat on it. I legitimately only had to load it in OllyDBG, look at the strings, and I found the password to the box. Granted, some strings are necessary to hard-code (commands, arguments, messages, etc.), but the password shouldn't be. Instead, some sort of algorithm (no matter how basic) should be implemented to randomly generate the password on each run. That way, although it would still be pretty simple to reverse engineer, it would deter most cheaters. Just some food for thought, really.

(If you're interested, the only other reason I did this was for funsies, as I haven't reversed anything in a while (there aren't that many Linux-native debugger options out there that allow you to write to an executable).)

Anyway, good challenge, keep them up, just try to make them harder for me to break next time.

Thanks, I'll keep this in mind. I have never had someone trying to reverse engineer my code before, I'll have to do some research on how to make it harder to break.
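As an added illustration of the per-run password idea discussed in the posts above (not code from the challenge or from either poster): a build check that lists the printable strings in an image, next to a simulated box whose password is generated at start-up. The byte strings are constructed samples, and `SimulatedBox`, `cracked_password` and `leaks` are hypothetical names.

```python
import hmac
import re
import secrets
import string

# Constructed stand-in for a compiled challenge with the password baked in.
HARDCODED_IMAGE = b"MZ\x90\x00\x03nmap\x00\x01Congratulations!\x00\x02example-box-pw\x00\xff"
# Constructed stand-in for a build that ships only commands and messages.
GENERATED_IMAGE = b"MZ\x90\x00\x03nmap\x00\x01Congratulations!\x00\xff"


def printable_strings(blob, min_len=4):
    """Return runs of printable ASCII, like a debugger's strings view."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, blob)]


def leaks(blob, secret):
    """True if the secret is readable in the image without running it."""
    return any(secret in s for s in printable_strings(blob))


def new_box_password(length=12):
    """Fresh password from the OS CSPRNG; it exists only in this run's memory."""
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


class SimulatedBox:
    """Hypothetical simulated target; not the challenge's own class."""

    def __init__(self):
        self._password = new_box_password()

    def cracked_password(self):
        # What the simulated cracking step would show once the player reaches it.
        return self._password

    def login(self, attempt):
        # Constant-time comparison of the attempt against this run's password.
        return hmac.compare_digest(attempt.encode(), self._password.encode())


if __name__ == "__main__":
    box = SimulatedBox()
    print("strings in hard-coded build:", printable_strings(HARDCODED_IMAGE))
    print("hard-coded build leaks:", leaks(HARDCODED_IMAGE, "example-box-pw"))
    print("generated build leaks:", leaks(GENERATED_IMAGE, box.cracked_password()))
```

The generated password can still be read from process memory in a debugger, so this only removes the static shortcut, as the post itself notes.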

This one was very nice, thanks for that. I hope you will make more of these, perhaps a bit more difficult to solve (and perhaps with an implementation of nmapping a whole range of subnet ids). I'd look at the code to implement it by myself, but I'm not good enough in that stuff to do so...

Edit: OK, I have to take a look before saying something. If the code pasted to github is still the one for the challenge, you could perhaps add some code like that in the nmap-case (sorry for posting obvious things, just wanted to help approving this great challenge idea):